Description
The TRNG-0603 IronShield Security course is an in-depth study
of the features that Foundry has deployed in its full range of Layer 2-3
switches, routers, and intelligent traffic management devices to implement
secure networks. It covers the operations, configuration, troubleshooting
and network analysis using Foundry’s products. Upon completion of this
course, you will be able to use the Foundry Networks’ devices as policy
enforcement points.
Who will benefit?
Anyone working with Foundry products.
Prerequisites
TRNG 0103 Basic Switch/Router Configuration and Management. A
working knowledge of Foundry Network’s CLI is a must.
Objectives
By the end of the course delegates will be able to:
- Identify layer 2 and 3 security issues and how they are addressed on
Foundry Networks devices.
- Describe Foundry Networks security strategies and initiatives.
- Implement the typical Foundry layer 2/3 security features demonstrating
the hardening of Foundry devices.
- Use imbedded Foundry tools to monitor and identify basic security breeches.
- Configure Foundry devices to use TACACS+/RADIUS.
Duration: 2 days
>> Dates, prices & bookings for this course
>> Back to Foundry Networks courses overview
|
Contents
Ironshield introduction
Network security, security planning, levels of security defined by Foundry, common attacks, IronShield, identifying which Foundry devices to protect, network intrusions, how to recognize network intrusion.
Warning banners
Why warning banners are used, setting up warning banners, proper warning banner text.
Passwords
Strong passwords, implementing passwords, the different login password formats for Foundry devices, TACAS+/RADIUS, configuring TACACS+/RADIUS on Foundry devices, setting up authorization with TACACS+ / RADIUS, configuring VLANs for management, excluding VLANs from management.
Secure Shell (SSH)
What is SSH? Why use SSH? implementing SSH, configuring SSH on Foundry devices, defining and using keys, transferring files from a Foundry device using Secure Copy
SNMP V1, V2, V3
The different SNMP versions, configuring SNMP version 1, 2 and 3, advantages and disadvantages of the different versions of SNMP, blocking SNMP access from/to the Internet, SNMP views.
Unnecessary protocols
Potentially unnecessary components, denying access to potentially unused protocols.
DoS
What is a DoS attack? How to recognize a DoS attack, TCP Syn attack prevention, Smurf attacks and preventions, TCP SYN attack preventions, limiting broadcast packets, DoS attack protection, spoofing, defending against spoofing with ACLs, creating and applying inbound and outbound Anti-Spoofing ACLs.
Time and logging
The value of having synchronized time, SNTP on Foundry devices, Foundry logging methods, setting up logging features, setting up Foundry devices to send to external Syslog servers.
802.1x port security
802.1x uses, configuring and deploying 802.1x.
Worms
What is a worm? How worms work, possible worm defences.
Special issues
System performance issues when implementing security pros and cons of implementing security, administration duties.
|
Site Map | Legal | Privacy | Terms & Conditions..
